Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update various bits of documentation #1244

Merged
merged 6 commits into from
Aug 14, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 21 additions & 15 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,26 +1,32 @@
# Contributing to SOPS

Mozilla welcomes contributions from everyone. Here are a few guidelines and instructions if you're thinking of helping with the development of SOPS.
The SOPS project welcomes contributions from everyone. Here are a few guidelines
and instructions if you are thinking of helping with the development of SOPS.

# Getting started

* Make sure you have Go 1.12 or greater installed. You can find information on how to install Go [here](https://golang.org/dl/)
* After following the [Go installation guide](https://golang.org/doc/install), run `go get github.com/getsops/sops/v3`. This will automatically clone this repository.
* Switch into sops's directory, which will be in `$GOPATH/src/github.com/getsops/sops/v3`.
* Run the tests with `make test`. They should all pass.
* Fork the project on GitHub.
* Add your fork to git's remotes:
* If you use SSH authentication: `git remote add <your username> git@github.com:<your username>/sops.git`.
* Otherwise: `git remote add <your username> https://github.com/<your username>/sops.git`.
* **Switch to the `develop` branch: `git checkout develop`**
* Make any changes you want to sops, commit them, and push them to your fork.
* **Create a pull request against `develop`**, and a contributor will come by and review your code. They may ask for some changes, and hopefully your contribution will be merged to the `develop` branch!
- Make sure you have Go 1.19 or greater installed. You can find information on
how to install Go [here](https://go.dev/doc/install)
- Clone the Git repository and switch into SOPS's directory.
- Run the tests with `make test`. They should all pass.
- Fork the project on GitHub.
- Add your fork to Git's remotes:
+ If you use SSH authentication: `git remote add <your username> git@github.com:<your username>/sops.git`.
+ Otherwise: `git remote add <your username> https://github.com/<your username>/sops.git`.
- Make any changes you want to SOPS, commit them, and push them to your fork.
- **Create a pull request against `main`**, and a maintainer will come by and
review your code. They may ask for some changes, and hopefully your
contribution will be merged!

# Guidelines

* Unless it's particularly hard, changes that fix a bug should have a regression test to make sure that the bug is not introduced again.
* New features and changes to existing features should be documented, and, if possible, tested.
- Unless it's particularly hard, changes that fix a bug should have a regression
test to make sure that the bug is not introduced again.
- New features and changes to existing features should be documented, and, if
possible, tested.

# Communication

If you need any help contributing to sops, several contributors are on the `#go` channel on [Mozilla's IRC server](https://wiki.mozilla.org/IRC).
If you need any help contributing to SOPS, several maintainers are on the
[`#sops-dev` channel](https://cloud-native.slack.com/archives/C059800AJBT) on
the [CNCF Slack](https://slack.cncf.io).
53 changes: 34 additions & 19 deletions README.rst
Original file line number Diff line number Diff line change
Expand Up @@ -17,21 +17,20 @@ Download

Stable release
~~~~~~~~~~~~~~
Binaries and packages of the latest stable release are available at `https://github.com/mozilla/sops/releases <https://github.com/mozilla/sops/releases>`_.
Binaries and packages of the latest stable release are available at `https://github.com/getsops/sops/releases <https://github.com/getsops/sops/releases>`_.

Development branch
~~~~~~~~~~~~~~~~~~
For the adventurous, unstable features are available in the `develop` branch, which you can install from source:
For the adventurous, unstable features are available in the `main` branch, which you can install from source:

.. code:: bash

$ mkdir -p $GOPATH/src/github.com/getsops/sops/v3/
$ git clone https://github.com/mozilla/sops.git $GOPATH/src/github.com/getsops/sops/v3/
$ cd $GOPATH/src/github.com/getsops/sops/v3/
$ git checkout develop
$ make install
$ mkdir -p $GOPATH/src/github.com/getsops/sops/
$ git clone https://github.com/getsops/sops.git $GOPATH/src/github.com/getsops/sops/
$ cd $GOPATH/src/github.com/getsops/sops/
$ make install

(requires Go >= 1.18)
(requires Go >= 1.19)

If you don't have Go installed, set it up with:

Expand Down Expand Up @@ -97,7 +96,7 @@ Editing will happen in whatever ``$EDITOR`` is set to, or, if it's not set, in v
Keep in mind that sops will wait for the editor to exit, and then try to reencrypt
the file. Some GUI editors (atom, sublime) spawn a child process and then exit
immediately. They usually have an option to wait for the main editor window to be
closed before exiting. See `#127 <https://github.com/mozilla/sops/issues/127>`_ for
closed before exiting. See `#127 <https://github.com/getsops/sops/issues/127>`_ for
more information.

The resulting encrypted file looks like this:
Expand Down Expand Up @@ -163,7 +162,7 @@ Test with the dev PGP key
If you want to test **sops** without having to do a bunch of setup, you can use
the example files and pgp key provided with the repository::

$ git clone https://github.com/mozilla/sops.git
$ git clone https://github.com/getsops/sops.git
$ cd sops
$ gpg --import pgp/sops_functional_tests_key.asc
$ sops example.yaml
Expand Down Expand Up @@ -645,7 +644,7 @@ found, the filename of the file being created is compared with the filename
regexes of the configuration file. The first regex that matches is selected,
and its KMS and PGP keys are used to encrypt the file. It should be noted that
the looking up of ``.sops.yaml`` is from the working directory (CWD) instead of
the directory of the encrypting file (see `Issue 242 <https://github.com/mozilla/sops/issues/242>`_).
the directory of the encrypting file (see `Issue 242 <https://github.com/getsops/sops/issues/242>`_).

The path_regex checks the path of the encrypting file relative to the .sops.yaml config file. Here is another example:

Expand Down Expand Up @@ -1235,7 +1234,7 @@ But this one will work just fine:
Examples
--------

Take a look into the `examples <https://github.com/mozilla/sops/tree/master/examples>`_ folder for detailed use cases of sops in a CI environment. The section below describes specific tips for common use cases.
Take a look into the `examples <https://github.com/getsops/sops/tree/master/examples>`_ folder for detailed use cases of sops in a CI environment. The section below describes specific tips for common use cases.

Creating a new file
~~~~~~~~~~~~~~~~~~~
Expand Down Expand Up @@ -1524,6 +1523,14 @@ the data key under tree->`sops`->`mac`.
Motivation
----------

📝 **A note from the maintainers**

This section was written by the original authors of SOPS while they were
working at Mozilla. It is kept here for historical reasons and to provide
technical background on the project. It is not necessarily representative
of the views of the current maintainers, nor are they currently affiliated
with Mozilla.

Automating the distribution of secrets and credentials to components of an
infrastructure is a hard problem. We know how to encrypt secrets and share them
between humans, but extending that trust to systems is difficult. Particularly
Expand Down Expand Up @@ -1680,8 +1687,7 @@ file format introduced in **1.0**.
Security
--------

Please report security issues to security at mozilla dot org, or by using one
of the contact method available here: `https://www.mozilla.org/en-US/security/#For_Developers <https://www.mozilla.org/en-US/security/#For_Developers>`_
Please report any security issues privately using `GitHub's advisory form <https://github.com/getsops/sops/security/advisories>`_.

License
-------
Expand All @@ -1690,16 +1696,17 @@ Mozilla Public License Version 2.0
Authors
-------

The core team is composed of:
SOPS was initially launched as a project at Mozilla in 2015 and has been
graciously donated to the CNCF as a Sandbox project in 2023, now under the
stewardship of a `new group of maintainers <https://github.com/getsops/community/blob/main/MAINTAINERS.md>`_.

* AJ Banhken @ajvb

The original authors were:
The original authors of the project were:

* Adrian Utrilla @autrilla
* Julien Vehent @jvehent

And a whole bunch of `contributors <https://github.com/mozilla/sops/graphs/contributors>`_
Furthermore, the project has been carried for a long time by AJ Bahnken @ajvb,
and had not been possible without the contributions of numerous `contributors <https://github.com/getsops/sops/graphs/contributors>`_.

Credits
-------
Expand All @@ -1709,3 +1716,11 @@ Credits
`sneaker <https://github.com/codahale/sneaker>`_,
`password store <http://www.passwordstore.org/>`_ and too many years managing
PGP encrypted files by hand...

-----

.. image:: docs/images/cncf-color-bg.svg
:width: 400
:alt: CNCF Sandbox Project

**We are a** `Cloud Native Computing Foundation <https://cncf.io>`_ **sandbox project.**
1 change: 1 addition & 0 deletions docs/images/cncf-color-bg.svg
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.